<?php
session_start();

require_once "../connection.php";

$username = $_POST['uname'];
$password = md5($_POST['pwd']);
$sql = 'SELECT * FROM user WHERE username=:username AND password=:password';
$sth = $db->prepare($sql);
$sth->bindParam(':username', $username);
$sth->bindParam(':password', $password);
$sth->execute();
$res = $sth->fetch();
if ($res) {
	echo json_encode (array ('ok'=>'OK'));
	$_SESSION['uid'] = $res['id'];
    $_SESSION['uname'] = $res['username'];
    $_SESSION['usertype'] = $res['usertype'];
} else {
	echo json_encode (array ('message'=>'Feil brukernavn eller passord'));
}
?>